$ rpki-client -vvf repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft File: BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft (raw, json) Hash identifier: 0BsbPHka+SNLGsMwIiqkNBYS+NrO5t8uo9lW4tWVLCo= Subject key identifier: 38:CC:2A:F7:34:FE:B6:14:73:3E:3D:87:39:78:C6:FC:60:F6:10:A5 Authority key identifier: BD:5D:46:B5:BF:E7:2F:2A:A1:18:8A:90:96:B1:0E:01:47:42:44:B1 Certificate issuer: /CN=BD5D46B5BFE72F2AA1188A9096B10E01474244B1 Certificate serial: 197C559CD0EBF9BC97474BA0A2A1D07AC427ECBE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft Manifest number: 02B7 Signing time: Mon 20 Apr 2026 10:21:38 +0000 Manifest this update: Mon 20 Apr 2026 10:16:38 +0000 Manifest next update: Thu 23 Apr 2026 18:12:38 +0000 Files and hashes: 1: 3130332e3130352e3139352e302f32342d3234203d3e20313336383738.roa (hash: O8lklXAV7vvG+v+hANkUO5KIwzG98mC/eIBJJgrAC6Y=) 2: 3130332e3130352e3139322e302f32342d3234203d3e20313336383738.roa (hash: w0xMtSXTcSCSqsp69YKeThLLGPMrf9e1AjwvZ9mn/V0=) 3: BD5D46B5BFE72F2AA1188A9096B10E01474244B1.crl (hash: eonUuobRc7BkIliNtCuYqzfFqUP0mNxG5XSZ5nyW8PI=) 4: 3130332e3130352e3139332e302f32342d3234203d3e20313337333136.roa (hash: TXKlB2hfqxWA+jXF08t3ciFtbxDo9W/xPDl1rsz8aDE=) 5: 3130332e3130352e3139342e302f32342d3234203d3e20313336383738.roa (hash: sGPkr82UUN2m0p5Z6EeIkVlWIj/RwlmetOwmRgGSsB8=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.crl rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Apr 2026 18:12:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:7c:55:9c:d0:eb:f9:bc:97:47:4b:a0:a2:a1:d0:7a:c4:27:ec:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD5D46B5BFE72F2AA1188A9096B10E01474244B1 Validity Not Before: Apr 20 10:16:38 2026 GMT Not After : Apr 23 18:12:38 2026 GMT Subject: CN=38CC2AF734FEB614733E3D873978C6FC60F610A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:60:9c:1e:64:6d:c9:15:2d:1d:c7:0b:87:12: fc:cb:6c:44:cd:c8:8a:bd:3a:a6:07:3b:6c:11:f4: de:f7:97:e7:8f:2d:ac:11:3d:94:13:5c:f7:29:58: 3a:97:f6:d4:6d:ba:75:71:e2:4f:25:8a:19:f5:ad: 54:21:4f:03:b0:dd:94:7e:0a:b6:ff:bb:9c:25:c8: 84:7b:f7:7d:52:47:30:b9:38:0d:c6:51:f2:ed:9d: 5f:e3:e1:70:0f:3f:ea:27:a0:0c:2a:56:18:82:b7: 29:7a:99:a4:4f:a3:01:e0:94:e6:d8:2e:de:ed:db: 88:b9:7e:de:d2:ad:93:bb:49:5c:48:4a:09:ed:a0: 7c:78:9a:39:ca:b8:74:a3:17:58:17:cb:04:f3:dc: 89:69:44:db:92:33:1a:64:9a:5c:49:88:03:94:01: c2:90:f9:b1:45:13:9e:53:ce:7c:bd:50:40:8e:6a: 40:44:37:f6:76:3f:9b:22:fb:87:a8:18:06:22:9d: 08:8e:d7:c9:43:26:6b:b6:91:54:0a:a4:b2:50:d4: 07:e8:f4:bc:54:b2:ef:d6:ec:a3:e9:32:3c:61:63: 26:8a:f8:d9:6b:d3:79:5e:f0:14:9b:c9:86:95:91: 1f:99:f7:aa:25:20:d7:2f:14:84:f4:e5:62:fb:b1: 4c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:CC:2A:F7:34:FE:B6:14:73:3E:3D:87:39:78:C6:FC:60:F6:10:A5 X509v3 Authority Key Identifier: keyid:BD:5D:46:B5:BF:E7:2F:2A:A1:18:8A:90:96:B1:0E:01:47:42:44:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d924fa9a-e5f3-4265-9e1d-84e4535961d0/0/BD5D46B5BFE72F2AA1188A9096B10E01474244B1.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:47:2c:36:b5:a5:c1:e9:68:04:93:62:cf:fa:42:9b:eb:c6: 22:6f:11:68:1a:a7:41:bb:a0:23:99:63:02:3c:37:c1:0a:1c: 89:d1:52:28:f1:ec:c1:82:e1:d7:4d:3c:7a:40:fe:e2:e3:6b: 44:85:46:17:6b:41:3a:4b:c2:a7:64:3f:5b:e5:a1:69:e6:29: cf:50:a9:50:8e:04:19:44:87:b9:2a:e4:eb:b4:7d:bf:e0:74: 6c:f0:3e:78:40:71:7c:d0:ea:39:6a:81:d7:8a:f8:1e:2a:31: 93:bc:8b:f2:4f:ec:e2:af:84:56:1d:7c:2e:13:77:ca:1d:6e: f0:0c:52:f7:b7:00:c6:da:8d:f2:a0:be:9a:64:c1:ba:37:c0: 10:3a:58:e1:53:c5:a2:c1:9d:e4:ec:f7:30:f4:4c:2f:f1:ae: 38:c7:c1:c2:2e:fe:84:e6:c5:e9:7b:91:9d:be:73:93:97:e1: 3a:ff:ee:5c:64:25:bd:64:07:cd:ab:b6:8e:cc:ea:59:69:50: 38:17:be:07:c7:73:5c:a2:8c:5c:e9:fe:7a:48:46:16:cd:48: e4:1f:d9:96:83:bf:0b:6c:b4:84:b0:45:9c:51:6b:dd:e7:0e: 68:2f:a6:d8:33:1f:04:f5:3e:b7:ec:58:dc:72:53:cb:b6:2b: ce:2a:c1:b4 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGXxVnNDr+byXR0ugoqHQesQn7L4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ1RDQ2QjVCRkU3MkYyQUExMTg4QTkwOTZCMTBFMDE0 NzQyNDRCMTAeFw0yNjA0MjAxMDE2MzhaFw0yNjA0MjMxODEyMzhaMDMxMTAvBgNV BAMTKDM4Q0MyQUY3MzRGRUI2MTQ3MzNFM0Q4NzM5NzhDNkZDNjBGNjEwQTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNYJweZG3JFS0dxwuHEvzLbETN yIq9OqYHO2wR9N73l+ePLawRPZQTXPcpWDqX9tRtunVx4k8lihn1rVQhTwOw3ZR+ Crb/u5wlyIR7931SRzC5OA3GUfLtnV/j4XAPP+onoAwqVhiCtyl6maRPowHglObY Lt7t24i5ft7SrZO7SVxISgntoHx4mjnKuHSjF1gXywTz3IlpRNuSMxpkmlxJiAOU AcKQ+bFFE55Tzny9UECOakBEN/Z2P5si+4eoGAYinQiO18lDJmu2kVQKpLJQ1Afo 9LxUsu/W7KPpMjxhYyaK+Nlr03le8BSbyYaVkR+Z96olINcvFIT05WL7sUyxAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUOMwq9zT+thRzPj2HOXjG/GD2EKUwHwYDVR0j BBgwFoAUvV1Gtb/nLyqhGIqQlrEOAUdCRLEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k OTI0ZmE5YS1lNWYzLTQyNjUtOWUxZC04NGU0NTM1OTYxZDAvMC9CRDVENDZCNUJG RTcyRjJBQTExODhBOTA5NkIxMEUwMTQ3NDI0NEIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkQ1RDQ2QjVCRkU3MkYyQUExMTg4QTkwOTZCMTBFMDE0NzQy NDRCMS5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vZDkyNGZhOWEtZTVmMy00MjY1LTll MWQtODRlNDUzNTk2MWQwLzAvQkQ1RDQ2QjVCRkU3MkYyQUExMTg4QTkwOTZCMTBF MDE0NzQyNDRCMS5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBADFHLDa1pcHpaASTYs/6QpvrxiJvEWgap0G7 oCOZYwI8N8EKHInRUijx7MGC4ddNPHpA/uLja0SFRhdrQTpLwqdkP1vloWnmKc9Q qVCOBBlEh7kq5Ou0fb/gdGzwPnhAcXzQ6jlqgdeK+B4qMZO8i/JP7OKvhFYdfC4T d8odbvAMUve3AMbajfKgvppkwbo3wBA6WOFTxaLBneTs9zD0TC/xrjjHwcIu/oTm xel7kZ2+c5OX4Tr/7lxkJb1kB82rto7M6llpUDgXvgfHc1yijFzp/npIRhbNSOQf 2ZaDvwtstISwRZxRa93nDmgvptgzHwT1PrfsWNxyU8u2K84qwbQ= -----END CERTIFICATE-----Generated at Wed Apr 22 10:01:51 2026 by rpki-client